Описание
XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to send TCP requests to intranet servers or possibly have unspecified other impact via an XML request to tcsldwd~main/Main, related to "CIM UPLOAD," aka SAP Security Note 2090851.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:sap:sap_netweaver_application_server_java:7.4:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00957
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to send TCP requests to intranet servers or possibly have unspecified other impact via an XML request to tc~sld~wd~main/Main, related to "CIM UPLOAD," aka SAP Security Note 2090851.
fstec
больше 10 лет назад
Уязвимость сервера приложений SAP NetWeaver Application Server, позволяющая нарушителю нарушить безопасность информации
EPSS
Процентиль: 76%
0.00957
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other